Secure mobile payment system

ABSTRACT

The present invention provides a method for conducting a transaction that includes receiving a pseudo account identifier that corresponds to a primary account identifier. The pseudo account identifier may be received at a portable wireless device and may be generated by a remote server computer. The portable wireless device can receive the pseudo account identifier over a first network and provide the pseudo account identifier to an access device. The access devices generally comprises a reader that can receive the pseudo account identifier, and thereafter send a message to request authorization of a transaction. The authorization request message may include the pseudo account identifier and is sent to a payment processing network. The authorization request message is sent to the payment processing network over a second network. The payment processing network may then process the authorization message and return a response that indicates if the transaction is authorized or not.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims priority to U.S. Provisional Patent ApplicationNo. 60/946,113 filed Jun. 25, 2007, entitled “Payment Transaction Systemand Method,” which is hereby incorporated by reference in its entirety.

Names of Parties to a Joint Research Agreement

Visa International Service Association, Inc. and Visa U.S.A. Inc. areparties to a Joint Research Agreement.

BACKGROUND

Embodiments of the present invention relate to portable wireless devicesthat may be used to conduct contactless payment transactions. Morespecifically, embodiments of the present invention relate to conductingthose transactions in a secure manner.

In today's society the presence of portable wireless devices carried byconsumers has become almost ubiquitous. Cellular telephones, PersonalDigital Assistants (PDAs), pagers, and the like are being carried bylarger and larger numbers of people. These devices are being used toperform a wide variety of tasks, such as standard voice communications,e-mail access, internet web surfing, and a whole host of otheractivities. One of the activities that is currently contemplated is theuse of a portable wireless device to act as a replacement for a paymentcard, such as a standard credit or debit card.

At least one major manufacturer of cellular phones has introduced aphone that is capable of being used as a payment card. In addition tothe standard elements and capabilities of a cellular phone, the devicealso contains an additional element that is capable of storing a user'spayment card information, such as their credit card account number, inthe element on the phone. This element is further tied in with a shortrange wireless transmission element, such as a Radio FrequencyIdentification (RFID) tag, to allow the phone to transmit the accountnumber over a short range to a contactless reader.

Contactless readers are becoming more and more commonplace in the marketas a replacement for standard credit card readers. As opposed to astandard card reader, whose operation involves a merchant or theconsumer physically sliding the payment card through the card reader inorder for the payment card account information to be read, a contactlesscard reader is able to retrieve the payment card information from thedevice through the use of a short range radio transmission, such asthose provided by RFID tags. The device need only be held in thevicinity of the contactless reader. A real world example of such acontactless reader can be seen in a payment system offered by a majorgasoline seller in the US. In that system, a consumer is issued a smalldevice that may be attached to a keyring, and that further contains theconsumers payment account information and a short range wirelesstransmission element. When the user purchases gasoline at the pump, hemerely needs to wave this device in front of a designated area on thepump, and the payment account information is transferred to the sellerto process the transaction.

Although the use of contactless card readers provides for increasedconvenience to the user, there are also disadvantages that thistechnology presents. Due to the wireless nature of the contactlessreader, it is possible that the contactless reader may be used forsurreptitious interrogation of the portable wireless device byintercepting the portable wireless device's communications. In addition,it is conceivable that a contactless reader may be developed or modifiedto enhance its power and sensitivity and thereby increase its ability tointerrogate with and intercept signals from the portable wireless devicefrom a greater distance than specified in standards used for contactlessreaders.

Theft of sensitive information, such as an account number, usingwireless interrogation or interception of communications from portablewireless device is a major concern for consumers and businesses alike.Unfortunately, given the sophistication of the wireless interrogationequipment and the nature of wireless signals, it is easy for wirelessinterrogation to occur at virtually any time and place. Once the victimof the wireless interrogation discovers that they had sensitiveinformation stolen, it is often too late to discover where the thefttook place. The victim must then deal with the consequences and hassleof correcting the unauthorized access and possible uses of theinformation.

In response to such risk, many payment service providers have instigatedsafeguards for protecting purchases from fraudulent attacks, forexample, by employing encryption technologies to encrypt the paymentaccount number and other data associated with account transactions.Encryption generally involves encrypting transaction data on one end ofa transmission with a key, and then regenerating the originaltransaction data by decrypting the encrypted data received with the samekey on the other end of the transmission. While encryption technologieshave proven to be highly effective in preventing information theft,implementing or upgrading to the latest encryption technology oftenrequires upgrades by the end users of payment processing networks. Dueto the cost, time, and risk of potential business interruption (e.g.,loss of sales), many merchants, for example, resist making necessaryupgrades to their procedures and systems to implement such safeguards.Therefore, such safeguards have had limited success as they aregenerally expensive to implement, can be overcome, and have not beenfully accepted by the credit card industry, merchants, paymentprocessors, etc.

In the case of a portable wireless device, such as that described abovein relation to a cellular phone, it may be possible to require some typeof code, such as a Personal Identification Number (PIN) to be enteredprior to enabling the short range wireless transmission element.Although this may partially resolve the issue of the wirelesstransmission being intercepted while the user is not actively using thedevice, it still does not resolve the situation where the sensitiveinformation is intercepted while the user is making a legitimatepurchase and has thus already entered the PIN.

Therefore, what is needed is a cost effective device and method thatintegrates easily with existing payment processing networks and preventsan unauthorized user from using data wirelessly interrogated orintercepted from a portable wireless device.

Embodiments of the invention address the above problems and otherproblems individually and collectively.

BRIEF SUMMARY

Embodiments of the present invention provide a device and methods forconducting transactions using pseudo primary account identifiers fromportable wireless devices.

Embodiments of the invention include the use of “primary accountidentifiers” and “pseudo primary account identifiers.” A “primaryaccount identifier” is an example of an “account identifier.” A “pseudoprimary account identifier” is also an example of a “pseudo accountidentifier.” These account identifiers may include account numbers orany other alphanumeric sequence. An account identifier may be used torelate a transaction to a specific account.

In one embodiment, the present invention provides a method forconducting a transaction that includes receiving a pseudo accountidentifier that corresponds to a consumer's account identifier. Thepseudo account identifier may be received at a portable wireless deviceand may have been previously generated by a remote server computer. Theportable wireless device can receive the pseudo account identifier overa first network. This embodiment may also include providing the pseudoaccount identifier to an access device. The access device may generallycomprise a reader that can receive the pseudo account identifier, andthereafter send a message to request authorization of a transaction. Thereader may be a contact based reader or a contactless reader. Theauthorization request message may include the pseudo account identifierand may be sent to a payment processing network. Generally, theauthorization request message may be sent to the payment processingnetwork over a second network. The payment processing network may thenprocess the authorization message and return a response that indicatesif the transaction is approved or not approved.

In another embodiment, the present invention provides a method thatincludes receiving a request for a pseudo account identifier, whereinthe pseudo account identifier corresponds with an account identifier.The request for the pseudo account identifier may be received over afirst network. The method may further include generating a pseudoaccount identifier, where the pseudo account identifier is generallyrelated to an account identifier. The pseudo account identifier may thenbe sent to a portable wireless device over the first network.Thereafter, the portable wireless device may use the pseudo accountidentifier to conduct one or more transactions, by providing the pseudoaccount identifier to an access device.

In yet another embodiment, the present invention provides for receivinga pseudo primary account identifier from a portable wireless device. Thepseudo primary account identifier may be generally related to a primaryaccount identifier. The method may further comprise sending atransaction authorization request that may contain the pseudo accountidentifier. The pseudo primary account identifier may then be receivedby a payment processing network and the payment processing network canconvert the pseudo primary account identifier to the related primaryaccount identifier. The authorization request message can then beprocessed using the primary account identifier and the transaction maybe approved or denied and a response to the authorization request may besent. The authorization response message may then be received and itscontents can indicate if the transaction is approved or not approved.

In yet another embodiment, the present invention provides a portablewireless device for performing contactless transactions. The portablewireless device may include a long range wireless communicationselement. The portable wireless devices may also include a short rangecommunications element. The portable wireless device can also includes aprocessor that is coupled to both the long and short range wirelesscommunications elements. The processor can also be coupled to a memorythat comprises computer code that allows the portable wireless device toreceive a pseudo account identifier that generally corresponds to aprimary account identifier. The pseudo account identifier may begenerated by a remote server and sent to the portable wireless deviceover a first network. The pseudo account identifier may then be receivedby the portable wireless device by using the long range communicationselement. The memory may also comprise code that allows the portablewireless device to provide the pseudo account identifier to an accessdevice. The portable wireless device can generally provide the pseudoaccount identifier to the access device by using the short rangecommunications element. The memory may also contain code that allows thepotable wireless device to store a primary account identifier.

In yet another embodiment, the present invention provides a method forconducting a transaction that includes generating a pseudo accountidentifier that corresponds to a consumer's account identifier. Thepseudo account identifier may be sent by a portable wireless device andmay be sent to a remote server computer. The portable wireless devicecan send the pseudo account identifier over a first network. Thisembodiment may also include providing the pseudo account identifier toan access device. The access device may generally comprise a reader thatcan receive the pseudo account identifier, and thereafter send a messageto request authorization of a transaction. The reader may be a contactbased reader or a contactless reader. The authorization request messagemay include the pseudo account identifier and may be sent to a paymentprocessing network. Generally, the authorization request message may besent to the payment processing network over a second network. Thepayment processing network may then process the authorization messageand return a response that indicates if the transaction is approved ornot approved.

In yet another embodiment, the present invention provides a method thatincludes receiving a pseudo account identifier, wherein the pseudoaccount identifier corresponds with an account identifier. The pseudoaccount identifier may be received over a first network. The method mayfurther include storing the pseudo account identifier, where the pseudoaccount identifier is generally related to an account identifier. Areceipt acknowledgement may then be sent to a portable wireless deviceover the first network. Thereafter, the portable wireless device may usethe pseudo account identifier to conduct one or more transactions, byproviding the pseudo account identifier to an access device.

In yet another embodiment, the present invention provides a portablewireless device for performing contactless transactions. The portablewireless device may include a long range wireless communicationselement. The portable wireless devices may also include a short rangecommunications element. The portable wireless device can also includes aprocessor that is coupled to both the long and short range wirelesscommunications elements. The processor can also be coupled to a memorythat comprises computer code that allows the portable wireless device togenerate a pseudo account identifier that generally corresponds to aprimary account identifier. The pseudo account identifier may be sent toa remote server by the portable wireless device over a first network.The pseudo account identifier may then be sent to the remote server byusing the long range communications element. The memory may alsocomprise code that allows the portable wireless device to provide thepseudo account identifier to an access device. The portable wirelessdevice can generally provide the pseudo account identifier to the accessdevice by using the short range communications element. The memory mayalso contain code that allows the potable wireless device to store aprimary account identifier.

These and other embodiments of the invention are described in furtherdetail below.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a high level diagram illustrating one embodiment of atransaction processing system in accordance with the present invention;

FIG. 2 is a message flow diagram illustrating message flows in oneembodiment of a transaction processing system in accordance with thepresent invention.

FIG. 3 is a message flow diagram illustrating an alternative messageflow according to another embodiment of the invention.

FIG. 4 is a high-level flow diagram illustrating one embodiment of amethod of processing a transaction in accordance with the presentinvention.

FIG. 5 is a high level block diagram illustrating a portable wirelessdevice in accordance with the present invention.

FIG. 6 shows block diagrams of portable consumer devices.

FIG. 7 shows a block diagram of a computer apparatus.

DETAILED DESCRIPTION

Embodiments of the invention are directed to the use of a pseudo accountidentifier such as a pseudo primary account identifier obtained by aportable wireless device. A portable wireless device according to anembodiment of the invention may be a mobile cellular phone, a PDA, andthe like, capable of wireless transmission of a pseudo primary accountidentifier, in lieu of a user's real account identifier such as aprimary account identifier (PAI) or a user's real primary account number(PAN). The portable wireless device may also be capable of receiving apseudo primary account identifier that corresponds to a real accountidentifier.

Pseudo primary account identifiers may include account identifiers thatare similar in format to a consumer's real account identifier. Forexample, if a user's real primary account identifier contains nineteendigits, the pseudo primary account identifier may also contain nineteendigits. In some embodiments, the pseudo primary account identifier maybe of any length or type as long as it resembles the format of a realprimary account identifier, such as a credit card number, debit cardnumber, gift card number, and the like. For example, the pseudo primaryaccount identifier may resemble a gift card number that is twenty onedigits in length, when the user's real primary account identifier isnineteen digits long. The pseudo primary account identifier may also bedescribed using terms such as bogus, fake, decoy, substitute, or thelike.

From a merchant's perspective, transaction processing using a pseudoprimary account identifier is completely transparent. That is to saythat a merchant processing a transaction using a pseudo primary accountidentifier can process the transaction in exactly the same manner as ifthe transaction was occurring with a real primary account identifier. Insome embodiments, it is actually preferable that the merchant have noknowledge as to whether a real or pseudo primary account identifier isbeing used in the transaction. As such, a merchant can continue toprocess transactions with currently installed equipment and no change isrequired at the merchant in order to process transactions using pseudoprimary account identifiers.

In embodiments of the invention, the pseudo primary account identifiermay be received by the portable wireless device through the use of anysuitable communications network. Examples of such networks may includethe cellular telephone network, networks provided by wireless e-mailservice providers, and the like. Typically, these networks are openaccess networks and provide features and services that may be completelyunrelated to transaction processing. For example, the cellular telephonenetwork may be used for general voice communication. The cellulartelephone network may also be used for data communications, to enablethe user to perform tasks such as surfing the internet, reading e-mail,or any other tasks that are associated with a general purpose datanetwork.

In one embodiment of the invention, a portable wireless device may havestored within its internal memory one or more primary accountidentifiers. A consumer who wishes to perform a transaction using theportable wireless device may begin by first enabling the device.Enabling the device may comprise turning the device on or entering apersonal identification number (PIN) or password into the device toallow the user to access the device's functions. The user may thenselect which account he wishes to use to perform the transaction byselecting from among the one or more primary account identifiers thathave been stored in the device. Selection of a primary account on theportable wireless device can occur using any suitable input mechanism.Examples can include keypad entry, touch screen entry, with or without astylus, keyboard entry, voice response entry, and the like.

In this exemplary embodiment, the portable wireless device may thenaccess the communications network through the use of one or morewireless access points provided by the network. The particular structureof a wireless access point may vary depending on the specificcommunications network, however access to a wireless communicationsnetwork by a portable wireless device through the use of a wirelessnetwork access point is well known. For example, wireless communicationfrom a cellular telephone to cellular base station wireless accesspoints to gain access to the cellular telephone network is well known.Other types of wireless access technologies may include Bluetooth, WiFi,and the like.

Upon gaining access to the communications network, in this exemplaryembodiment, the portable wireless device may send a request through thecommunications network to a payment processing network in order toretrieve a pseudo primary account identifier that corresponds to theprimary account identifier that was previously selected. This requestmay be in the form of a message that includes sufficient information toidentify for which primary account a pseudo primary account identifieris desired. In the simplest case, this request message may include theprimary account identifier. In response, the payment processing networkcan return a pseudo primary account identifier that corresponds to theprimary account identifier. The payment processing network maydynamically generate the pseudo primary account identifier, select itfrom a list of predefined pseudo primary account identifiers, or use anyother means to create a pseudo primary account identifier. The paymentprocessing network can further store the pseudo primary accountidentifier's relationship to the primary account identifier. The paymentprocessing network can respond to the request from the portable wirelessdevice with a response message that contains a pseudo primary accountidentifier. The response can be sent over the communications networkback to the portable wireless device.

In addition to storing the relationship of the pseudo primary accountidentifier to the primary account identifier, the payment processingnetwork may also store additional details about the relationship. Forexample, the pseudo primary account number may be set to expire after acertain number of transactions or after a certain time period. Doing socan help to ensure that if for some reason a pseudo primary accountnumber is revealed to anyone other than an authorized user, the amountof damage that can be done is limited due to the limited lifetime of thepseudo primary account number.

Although in the exemplary embodiment described above, the pseudo primaryaccount identifier is sent by the payment processing network in responseto a request from the portable wireless device, the present invention isnot limited to such implementations. In alternative implementations, thepseudo primary account identifier may not be requested at all, butrather is pushed to the portable wireless device at any time, such aswhen the device is turned on, when the device is idle, periodically, orthrough any other such criteria. Likewise, in the exemplary embodimentpresented above, a request for a pseudo primary account identifier neednot occur only after a user has enabled the device and selected anaccount. A request for a pseudo primary account identifier correspondingto a primary account identifier may occur at any time, such as when thedevice is turned on, when the device is idle, periodically, or throughany other such criteria.

In an alternative embodiment, the pseudo primary account identifier maynot be requested by the portable wireless device at all. The portablewireless device may generate the pseudo primary account identifier. Thegenerated pseudo primary account identifier may then be sent to thepayment processing network over the communications network. The paymentprocessing network can store the received pseudo primary accountidentifier and store the association with the primary accountidentifier. The payment processing network can send an acknowledgementto the portable wireless device indicating that the pseudo primaryaccount identifier has been received.

The payment processing network may include data processing subsystems,networks, and operations used to support and deliver authorizationservices, exception file services, and clearing and settlement services.An exemplary payment processing network may include VisaNet™. Paymentprocessing networks such as VisaNet™ are able to process credit cardtransactions, debit card transactions, and other types of commercialtransactions. VisaNet™, in particular, includes a single message system(SMS) that automatically authorizes and provides enough information toautomatically clear and settle a financial transaction, and/or a VIPsystem (Visa Integrated Payments system) which processes authorizationrequests and a Base II system, which performs clearing and settlementservices.

In an exemplary embodiment, once the portable wireless device has apseudo primary account identifier that is associated with a primaryaccount identifier and has been enabled for use, the user may thenproceed to use the portable wireless device to conduct a transaction.Typically, in addition to the elements for the portable wireless deviceto communicate with the communications network, the device can also haveelements for shorter range wireless communication (e.g. near fieldcommunication). In one embodiment, the shorter range communicationelement may be a Radio Frequency Identification (RFID) tag or element,although embodiments of the invention are not limited to the use ofRFID, and any suitable form of short range wireless transmission may beused. In alternative embodiments, the same elements that are used forcommunications with the communications network may also be used for theshort range transmission.

The user may then utilize the short range wireless transmission elementof the portable wireless device to transmit the pseudo primary accountnumber to a contactless reader at a merchant site. A contactless readercan be part of an access device, which can have wireless communicationand transmission modules (e.g., receiver, transceiver, etc.). Suchcontactless readers may be present in access devices such aspoint-of-sale (POS) terminals, ATMs (automatic teller machines), and thelike. The portable wireless devices according to embodiments of theinvention may operate with any number of such contactless reader devicesusing a variety of operating standards.

Although this exemplary embodiment has referred to access devices thatcontain contactless readers, the present invention is not limited toaccess devices containing contactless readers. Any suitable form ofaccess device, including both contact and contactless access devices,are within the scope of embodiments of the present invention.

After receiving the pseudo primary account identifier from thecontactless device, the merchant may then use that identifier, as wellas additional information to form an authorization request message. Anauthorization request message can include a request for authorization toconduct an electronic payment transaction or some other type ofactivity. It may include one or more of an account holder's paymentaccount number, currency code, sale amount, merchant transaction stamp,acceptor city, acceptor state/country, POS transaction number, POStransaction type, etc. Optionally, an authorization request message maybe protected using a secure encryption method—e.g., 128-bit SSL orequivalent—in order to prevent data from being compromised.

Because the pseudo primary account identifier can be transitory and mayhave a limited lifetime, it can be noted that this provides a level ofprotection to the consumer's account. If the pseudo primary accountidentifier transmitted between the portable wireless device and thecontactless reader is intercepted, it would be of limited or no use to aperson wishing to use it for conducting unauthorized transactions, as itwould likely have expired before any illicit use could be made. It isfurther noted that the primary account is also protected fromunscrupulous merchants because the merchant only receives the transitorypseudo primary account identifier and never receives the real primaryaccount identifier.

Additionally, because the pseudo primary account identifier isstructured in such a way as to be indistinguishable from a real primaryaccount identifier, the merchant will not have to alter any of histransaction processing systems. From the merchants point of view, thetransaction proceeds exactly the same, regardless of if a real or pseudoprimary account identifier is being used.

As mentioned above, transaction processing from the merchant's point ofview occurs without any changes. Typically, after the merchant generatesan authorization request message, that message is sent to the merchant'sacquirer. An acquirer is typically a business entity (e.g., a commercialbank) that has a business relationship with a particular merchant. Theauthorization request message is typically sent to the acquirer using atransaction processing network. The transaction processing network istypically more secure than the communications network that has beendiscussed previously, because access is generally limited to only thoseparties that are involved in the authorization and settlement oftransactions.

The acquirer can then forward the authorization request message to thepayment processing network using the transaction processing network. Thepayment processing network, having previously generated or received thepseudo primary account identifier and stored the relationship to aprimary account identifier, may then convert the pseudo primary accountidentifier in the authorization request message back to the real primaryaccount identifier. Conversion of the pseudo primary account identifierto the real primary account identifier can be done through any suitablemeans, such as a mathematical operation, a database table look up,generating the primary account identifier based on the pseudo primaryaccount identifier, or any other means that are well known. Theauthorization request message that now contains the real primary accountidentifier may then be sent to the issuer of the primary accountidentifier.

An issuer is typically a business entity (e.g., a bank) that issuesaccounts, such as a credit or debit card to a consumer. These accountsare generally identified by a primary account identifier. Some entitiessuch as American Express perform both issuer and acquirer functions.Embodiments of the invention encompass such single entityissuer-acquirers.

Typically, an electronic payment transaction is authorized if theconsumer conducting the transaction has sufficient funds or credit toconduct the transaction. Conversely, if there are insufficient funds orcredit in the consumer's account, or if the consumer's portable wirelessdevice is on a blacklist (e.g., it is indicated as stolen), then anelectronic payment transaction may not be authorized (e.g., declined).After making a determination if the transaction is authorized or not,the issuer may return an authorization response to the paymentprocessing network over the transaction processing network. The paymentprocessing network may then return this response to the acquirer overthe transaction processing network. The response may then be finallysent back to the originating merchant from the acquirer over thetransaction processing network.

The user, through the merchant, then receives indication from theresponse to indicate that the transaction has been approved or denied.Examples of such indication could be an approval message displayed on ascreen at the merchant or a receipt being printed at the merchant.

Throughout the discussion above of exemplary embodiments of the presentinvention, reference has been made to a communications network and atransaction processing network. Although referenced as two separatenetworks, it should be understood that the networks may share somecommon physical elements. For example, the portable wirelesscommunications device may access the communications network through theuse of a wireless network access point. From there, messages sent fromthe device to the payment processing network may be sent over a generalpurpose network such as the Internet. Likewise, communications in thetransaction processing network, such as those between the acquirer andthe payment processing network or those between the payment processingnetwork and the issuer, may also be sent over the Internet. Through theuse of various protocols, encryptions, network configurations, and thelike, which are all known within the art, the communications network andthe transaction processing network may be thought of as two logicallyseparated networks, despite the fact that they may share some commonphysical elements.

FIG. 1 is a high level diagram illustrating one embodiment of atransaction processing system 100. The transaction processing system 100includes a portable wireless device 102, an contactless reader 104, amerchant 106, an acquirer 108, a payment processing network 110, anissuer 112, a transaction processing network 114, a communicationsnetwork 116, and a wireless access point 118. The components illustratedin FIG. 1 can be in operative communication with each other.

The portable wireless device 102 according to embodiments of theinvention may be in any suitable form. For example, the portablewireless device 102 may include any such device that contains a wirelesscommunication element. Such devices may include cellular telephones,Personal Digital Assistants (PDA), pagers and the like. Such portablewireless devices 102 can have one or more antennas coupled with wirelesstransmission elements to wirelessly transmit and receive data using awireless communications media. One exemplary embodiment of a portablewireless device 102 may include a cellular telephone. The cellulartelephone may be equipped with one or more antennas that are coupledwith long range transmission elements to allow the cellular telephone tocommunicate with a communications network 116, such as the cellulartelephone network.

In this exemplary embodiment, the cellular telephone 102 may communicatewith the cellular network 116 through the use of one or more wirelessaccess points 118. The access points 118 may be wireless base stationsthat provide coverage to large geographic areas or may be more localizedsuch as those access points that provide in building coverage. In anycase, access to the communications network 116 is provided to theportable wireless device through the use of wireless access points 118.There are many forms of wireless access to a communications network thatwould be know to a person of skill in the art and any suitablealternative would be within the scope and spirit of the presentinvention.

The communications network 116 may be one of any suitable form. Asdiscussed above, one such network may be the cellular telephone network.Other examples may include the public switched telephone network, aproprietary network such as the RIM network, or any other networkcapable of transmitting and receiving data between two or moreendpoints. The communications network 116 allows for a communicationschannel between any two suitably configured end points.

The portable wireless device 102 may also contain a short rangetransmission element that may be used to communicate with a contactlessreader 104. The short range transmission element can be one of manytypes that would be well known to a person of skill in the art. Examplesof these types of communications elements could be elements such asRadio Frequency Identification Tags (RFID), optical communications, suchas through the use of optical transponders, or any other method ofcommunications over a short range that are known in the art. Thecontactless reader 104 may be a device capable of communicating with theportable wireless device and may contain communications elements tosupport such communications. The contactless reader 104 may be capableof wirelessly receiving primary and pseudo primary account identifiers.The contactless reader 104 can be located at a merchant's 106 location,or may be simply operated by the merchant 106.

The merchant 106 may also be operatively connected to an acquirer 108through at least a portion of a transaction processing network 114. Theacquirer 108 may be operatively coupled to one or more merchants 106 inorder to provide the merchants 106 with access to a payment processingnetwork 110. The acquirer 108 in turn may be operatively coupled to apayment processing network 110 through the transaction processingnetwork 114. The acquirer 108 may receive transaction requests from themerchant 106 and transmit the transaction requests to the paymentprocessing network 110. The acquirer 108 typically communicates with thepayment processing network through the use of a secured communicationschannel, such as that provided by the transaction processing network114. Although the secured communications channel may make use ofelements of the communications network 116, access to the paymentprocessing network 110 by the merchant 106 through the acquirer 108 isrestricted.

The payment processing network 110 may include data processingsubsystems, networks, and operations used to support and deliverauthorization services, exception file services, and clearing andsettlement services. An exemplary payment processing network 110 mayinclude VisaNet™. Payment processing networks such as VisaNet™ are ableto process credit card transactions, debit card transactions, and othertypes of commercial transactions. VisaNet™, in particular, includes asingle message system (SMS) that automatically authorizes and providesenough information to automatically clear and settle a financialtransaction, and/or a VIP system (Visa Integrated Payments system) whichprocesses authorization requests and a Base II system, which performsclearing and settlement services.

The payment processing network 110 may include a server computer. Aserver computer is typically a powerful computer or cluster ofcomputers. For example, the server computer can be a large mainframe, aminicomputer cluster, or a group of servers functioning as a unit. Inone example, the server computer may be a database server coupled to aweb server. The payment processing network 110 may use any suitablewired or wireless network, including the Internet.

The payment processing network 110 may further be connected to acommunications network 116. This connection allows the paymentprocessing network to send and receive messages to any other entity thatmay also be connected to the communications network 116. Although thepayment processing network 110 may make use of common physical networkelements to communicate with acquirers 108 and portable wireless devices102, it is understood that embodiments of the invention allow forcommunication with the payment processing network 110 through the use ofat least two separate communications channels (e.g., the transactionprocessing network 114 and the communications network 116). The firstchannel, or network may be a publicly available communications network116, such as the cellular telephone network. The second channel, ornetwork, may be a restricted access network, such as the one used tocommunicate between acquirers 108 and the payment processing network110.

The payment processing network 110 may be configured to receive arequest for a pseudo primary account identifier that corresponds to aprimary account identifier over the communications network 116. Thepayment processing network 110 may then generate a pseudo primaryaccount number corresponding to a primary account number and return thepseudo primary account number to the source of the request using thecommunications network 116. Additionally, the payment processing network110 can store the pseudo primary account identifier that was generatedso that it may be later converted back into the associated primaryaccount identifier.

In an alternative embodiment, the payment processing network 110 may beconfigured to receive a pseudo primary account identifier thatcorresponds to a primary account identifier over the communicationsnetwork 116. The payment processing network 110 may then store thepseudo primary account number corresponding to a primary account numberand return an acknowledgement to the source of the request using thecommunications network 116. Additionally, the payment processing network110 can store the pseudo primary account identifier that was received sothat it may be later converted back into the associated primary accountidentifier.

As used herein, “generated” pseudo account identifiers can include thosethat are created for the first time for the particular transaction ortransactions taking place. A pseudo account number may alternatively begenerated by retrieving the pseudo account number from a memory orcomputer readable medium, wherein the pseudo account number waspreviously created and then stored.

Additionally, the payment processing network 110 is also operativelycoupled to one or more issuer 112 systems through the transactionprocessing network 114. An issuer 112 is typically a business entity(e.g. a bank) that issues financial accounts. Issuers 112 generallytrack the accounts that are issued through the use of a primary accountidentifier. An issuer 112 may receive a transaction authorizationmessage that is generated at a contactless reader 104, passed through amerchant 106 via an acquirer 108, to a payment processing network 110and transmitted to the issuer 112 over a transaction processing network114. The issuer 112 may then process the transaction authorizationrequest message to determine if the transaction is authorized and returna response back to the merchant 106 through the use of the transactionprocessing network 114.

FIG. 2 is a message flow diagram illustrating message flows in oneembodiment of a transaction processing system in accordance with thepresent invention. In one exemplary embodiment, a transaction may beginat 214 when a user has selected goods and/or services that the userwishes to purchase. The user may begin by entering a PersonalIdentification Number (PIN) into the portable wireless device 202 inorder to unlock the device. Although this exemplary embodiment uses aPIN to unlock the device, any other security mechanism, such as the useof a password, biometric information (e.g. fingerprint), or any otherform of well known device access security may be used.

The user then may select which virtual card they wish to use to conductthe transaction 214. A virtual card corresponds to an account that theuser has with an issuer and may be identified by the issuer through theuse of a primary account identifier. A user may have several differentaccounts which may be issued by several different issuers. All of theseaccounts may be stored on the portable wireless device and the userselects which one he wishes to use for this transaction.

In this exemplary embodiment, the portable wireless device 202 may thenrequest a pseudo primary account identifier that corresponds with aprimary account identifier from the payment processing network 210. Therequest 216 for the pseudo account number will contain information thatis necessary for the payment processing network to identify the primaryaccount identifier and generate a pseudo primary account identifier. Inone embodiment, the request message may contain the primary accountidentifier itself 216. The request message can be sent from the portablewireless device 202 to the payment processing network 210 over acommunications network that is generally separate from the network usedto authorize the transaction. In an alternative embodiment, the portablewireless device 202 may generate a pseudo primary account identifierthat corresponds to a primary account identifier, and send the generatedpseudo primary account identifier to the payment processing network 210.

The payment processing network 210 may then receive the request for apseudo primary account identifier (PAI), along with sufficientinformation to identify the primary account identifier 216. The paymentprocessing network 210 can then generate a pseudo primary accountidentifier and store the pseudo primary account identifier for later use218. The pseudo primary account identifier may then be returned to theportable wireless device 202 through the communications network 220. Thepseudo primary account number may then be used to conduct thetransaction. Although in this exemplary embodiment, the pseudo primaryaccount number is not requested until the user has entered his PIN, itshould be noted that in alternative embodiments, the request could bemade at any time. For example, a request for a pseudo primary accountidentifier could be made at the time the portable wireless device ispowered on, at certain periodic time intervals, or at any time theportable wireless device is idle. In other alternative embodiments, thepseudo primary account identifier may not be requested but rather may bepushed from the payment processing network to the portable wirelessdevice. In another alternative embodiment the pseudo primary accountnumber is generated by the portable wireless device and sent to thepayment processing network. The payment processing network can store thepseudo primary account identifier and send an acknowledgement of receiptto the portable wireless device.

Once the portable wireless device has received the pseudo primaryaccount number, the transaction may continue. The user can hold theportable wireless device 202 in the vicinity 222 of the contactlessreader 204. Through the use of the short range communications element inthe portable wireless device 202, the pseudo primary account number maybe transmitted 224 to the contactless reader 204 and to the merchant206, 226. The pseudo primary account identifier can then be included inan authorization request message 228 that is sent to an acquirer 208.The acquirer 208 may then send the authorization request message thatincludes the pseudo primary account number 230 to the payment processingnetwork 210. The messages that are sent between the merchant 206, theacquirer 208, and the payment processing network 210, are typically sentover a restricted access network that is separate from thecommunications channel used to request the pseudo primary accountidentifier.

The authorization request message containing the pseudo primary accountidentifier 230 may then be received by the payment processing network210. Using the data stored when the pseudo primary account number wasgenerated or received 218, the pseudo primary account identifier can beconverted to the primary account identifier 232. An authorizationrequest containing the real primary account identifier may then be sent234 to an issuer 212 which can process the transaction to determine ifit should be allowed or denied 236. The response to the authorizationrequest message, indicating if the transaction is approved or not canthen be sent 238 from the issuer 212, through the payment processingnetwork 210, 240 and acquirer 208, 242, back to the merchant 206. Basedon this response 242 the merchant can determine if the transactionshould proceed or not 244.

FIG. 3 is a message flow diagram illustrating an alternative messageflow according to another embodiment of the invention. In some cases,the communications network that may be used to request a pseudo primaryaccount number may not be available. For example, this may occur whenthe portable wireless device attempts to use the cellular telephonenetwork to request a pseudo primary identifier, but the portablewireless device is currently located in a dead spot, and suchcommunication is not possible. As such, the portable wireless device maynot be able to receive a pseudo primary account identifier. In suchcases, it may be beneficial to allow the transaction to complete usingthe primary account identifier, although this will inherently be lesssecure than the operation as described in FIG. 2.

The message flow in FIG. 3 is for the most part the same as that of FIG.2. The difference is at the point where the portable wireless devicerequests 314 and receives 316 the pseudo primary account identifier. Inthis case, it is possible in some embodiments for the transaction toproceed, using the same message flows as depicted in FIG. 2, with theexception that the primary account identifier is used instead of thepseudo primary account identifier. In such embodiments, it is furthernot necessary to convert the pseudo primary account identifier into aprimary account identifier. Although less secure than the previousoperation, this embodiment will still allow a transaction to complete inthe case where the communications network is unavailable.

FIG. 4 is a high-level flow diagram illustrating one embodiment of amethod of processing a transaction in accordance with an embodiment ofthe present invention. The process begins at 402 where a consumer haschosen to purchase goods and or services from a merchant. The consumerenters a PIN into his portable wireless device to unlock the device. Theconsumer then further selects the account he wishes to use to make thepurchase by selecting the virtual card that should be used to performthe transaction.

The process continues at step 404 where the portable wireless deviceattempts to retrieve a pseudo primary account identifier from thepayment processing network. If a pseudo primary account identifier issuccessfully retrieved 406, the process moves to step 408 where thepseudo primary account number is transmitted to the acquirer. Theacquirer then transmits the pseudo primary account identifier to thepayment processing network 410. The payment processing network will thenconvert the pseudo primary account identifier back to the primaryaccount identifier and further transmit the request to the issuer 412.

If the portable wireless device fails to retrieve a pseudo primaryaccount identifier at step 406 the process continues on to step 414where the transaction proceeds using the primary account identifier. Theprimary account identifier is transmitted from the portable wirelessdevice to the acquirer at step 416. From there the acquirer transmitsthe primary account identifier to the payment processing network at step418. Because no pseudo primary account identifier was retrieved, thereis no need to convert the primary account identifier, and it is furthertransmitted to the issuer at step 418.

At step 420, the issuer receives the transaction request that containsthe primary account identifier. Using any number of criteria, such asthe account specified by the primary account identifier being in goodstanding, having sufficient funds available, having sufficient creditavailable, etc., the issuer makes a decision at step 422 to eitherapprove or deny the transaction. If the transaction is denied, theprocess moves to step 424, and a message is returned indicating thetransaction has been denied. If the transaction is approved at step 422a message indicating approval is sent to the originator. Furthermore,settlement and clearing processes occur at step 428 to actually transferfunds from the account held at the issuer to the merchant.

FIG. 5 is a high level block diagram illustrating a portable wirelessdevice in accordance with the present invention. The portable wirelessdevice 502 may be virtually any type of device, such as a cellularphone, a personal digital assistant (PDA), pager, and the like, that maybe configured to perform embodiments of the present invention. In oneembodiment, portable wireless device 502 includes a communicationsmodule 503, which includes a long range wireless communications element504, a short range wireless communications element 506, a processor 508in communication with both the long and short range communicationselements, and further in communication with a memory 510, and a userinterface module 512.

The long range wireless communications element 504 may be designed totransmit and receive communications between the portable wireless device502 and a wireless access point 118, the access point providing accessto a communications network 116 through which the portable wirelessdevice may communicate with a payment processing network 110. Any numberof long range wireless communications elements are well known in the artand may be used to accomplish the reception and transmission of databetween the portable wireless device 502 and the wireless access point118. The long range wireless communications element may use any viablecommunications link such as optical transmission or RF transmission.

The short range wireless communications element 506 may be designed totransmit and receive communications between the portable wireless device502 and a contactless reader 104. Any number of short range wirelesscommunications elements are well known in the art and may be used toaccomplish this function. In one embodiment, the short range wirelesstransmission element may be a RFID tag, although any suitable shortrange wireless transmission element may be used.

The processor 508 may be virtually any type of integrated circuit and/ordata processing system, such as a microprocessor, field programmablegate array (FPGA), application specific integrated circuit (ASIC), andthe like, that may be configured to perform embodiments of the presentinvention.

The memory 510 can be a non-volatile or volatile memory such as a randomaccess memory that has sufficient space to hold the necessaryprogramming and data structures of the invention. While the memory 510is shown as a single entity, it should be understood that the memory 510may in fact comprise a plurality of modules, and that the memory 510 mayexist at multiple levels, from high speed registers and caches to lowerspeed but larger direct random access memory (DRAM) chips. In oneembodiment, the memory 510 may include a program that includes computercode for receiving a pseudo primary account identifier through the longrange wireless transmission element 504. The memory 510 may also includecode for generating a pseudo primary account number and sending thepseudo primary account number using the long range wireless transmissionelement 504. The memory 510 may further include computer code forproviding the pseudo primary account identifier to an access deviceincluding a contactless reader 104, through the short range wirelesscommunications element 506. The memory 510 may also include code tostore one or more primary account identifiers. The program may use anyone of a number of different programming languages. For example, theprogram code can be written in PLC code (e.g., ladder logic), ahigher-level language such as C, C++, Java, or a number of otherlanguages.

The user interface module 512 may be any type of interface that allows auser to interact with the portable wireless device 502. Examples of suchinterfaces may be keypads, keyboards, touch screens, voice responseunits, and the like.

Embodiments of the invention have a number of advantages. First, since apseudo account identifier is sent over a different communication networkthan the network that is used to conduct the authorization for thetransaction, the merchant never receives the actual account identifier.There are many fraudulent merchants and this process reduces fraud asthe merchant does not see the consumer's real account number. Second,since the “back end” server computer at the payment processing network(or at some other location) sends the pseudo account identifier, oralternatively receives a pseudo primary account identifier, it knowswhat account identifier to expect. The back end, remote server computercan change the pseudo account number as often as needed (e.g., with evertransaction, with every third transaction, etc.). Third, since thepseudo account identifier is retrieved (in some embodiments) when theuser is selecting a virtual card or is otherwise manipulating hisportable wireless device to conduct the transaction, the user does notexperience any delay in conducting the purchase. The retrieval of thepseudo account identifier is transparent to the consumer, and theconsumer need not know that the pseudo account identifier is everretrieved. The same transparency to the consumer is also present inembodiments where the portable wireless device generates the pseudoprimary account identifier.

FIG. 6 shows block diagrams of portable computer devices and subsystemsthat may be present in computer apparatuses in systems according toembodiments of the invention.

The portable wireless device that is used in embodiments of theinvention may be in any suitable form. For example, suitable portablewireless devices can be hand-held and compact so that they can fit intoa consumer's wallet and/or pocket (e.g., pocket-sized). They may includesmart cards, ordinary credit or debit cards (with a magnetic strip andwithout a microprocessor), keychain devices (such as the Speedpass™commercially available from Exxon-Mobil Corp.), etc. Other examples ofportable consumer devices include cellular phones, personal digitalassistants (PDAs), pagers, payment cards, security cards, access cards,smart media, transponders, and the like. The portable consumer devicescan also be debit devices (e.g., a debit card), credit devices (e.g., acredit card), or stored value devices (e.g., a stored value card).

An exemplary portable consumer device 602 in the form of a phone maycomprise a computer readable medium and a body as shown in FIG. 6. FIG.6 shows a number of components, and the portable wireless devicesaccording to embodiments of the invention may comprise any suitablecombination or subset of such components.) The computer readable medium606 may be present within the body 620, or may be detachable from it.The body 620 may be in the form a plastic substrate, housing, or otherstructure. The computer readable medium 606 may be a memory that storesdata and may be in any suitable form including a magnetic stripe, amemory chip, encryption algorithms, private or private keys, etc. Thememory also preferably stores information such as financial information,transit information (e.g., as in a subway or train pass), accessinformation (e.g., as in access badges), etc. Financial information mayinclude information such as bank account information, bankidentification number (BIN), credit or debit card number information,account balance information, expiration date, consumer information suchas name, date of birth, etc.

Information in the memory may also be in the form of data tracks thatare traditionally associated with credits cards. Such tracks includeTrack 1 and Track 2. Track 1 (“International Air Transport Association”)stores more information than Track 2, and contains the cardholder's nameas well as account number and other discretionary data. This track issometimes used by the airlines when securing reservations with a creditcard. Track 2 (“American Banking Association”) is currently mostcommonly used. This is the track that is read by ATMs and credit cardcheckers. The ABA (American Banking Association) designed thespecifications of this track and all world banks must abide by it. Itcontains the cardholder's account, encrypted PIN, plus otherdiscretionary data.

The portable wireless device 602 may further include a contactlesselement 618, which is typically implemented in the form of asemiconductor chip (or other data storage element) with an associatedwireless transfer (e.g., data transmission) element, such as an antenna.Contactless element 618 is associated with (e.g., embedded within)portable consumer device 602 and data or control instructionstransmitted via a cellular network may be applied to contactless element618 by means of a contactless element interface (not shown). Thecontactless element interface functions to permit the exchange of dataand/or control instructions between the mobile device circuitry (andhence the cellular network) and an optional contactless element 618.

Contactless element 618 is capable of transferring and receiving datausing a near field communications (“NFC”) capability (or near fieldcommunications medium) typically in accordance with a standardizedprotocol or data transfer mechanism (e.g., ISO 14443/NFC). Near fieldcommunications capability is a short-range communications capability,such as RFID, Bluetooth™, infra-red, or other data transfer capabilitythat can be used to exchange data between the portable wireless device602 and an interrogation device. Thus, the portable wireless device 602is capable of communicating and transferring data and/or controlinstructions via both cellular network and near field communicationscapability.

The portable consumer device 602 may also include a processor 608 (e.g.,a microprocessor) for processing the functions of the portable consumerdevice 602 and a display 610 to allow a consumer to see phone numbersand other information and messages. The portable wireless device 602 mayfurther include input elements 612 to allow a consumer to inputinformation into the device, a speaker 614 to allow the consumer to hearvoice communication, music, etc., and a microphone 622 to allow theconsumer to transmit her voice through the portable wireless device 602.The portable wireless device 602 may also include an antenna 604 forwireless data transfer (e.g., data transmission).

The various participants and elements in FIG. 1 may operate or use oneor more computer apparatuses to facilitate the functions describedherein. Any of the elements in FIG. 1 (e.g., the access device 104, themerchant 106, the acquirer 108, etc.) may use any suitable number ofsubsystems to facilitate the functions described herein. Examples ofsuch subsystems or components are shown in FIG. 7. The subsystems shownin FIG. 7 are interconnected via a system bus 775. Additional subsystemssuch as a printer 774, keyboard 778, fixed disk 779 (or other memorycomprising computer readable media), monitor 776, which is coupled todisplay adapter 782, and others are shown. Peripherals and input/output(I/O) devices, which couple to I/O controller 771, can be connected tothe computer system by any number of means known in the art, such asserial port 777. For example, serial port 777 or external interface 781can be used to connect the computer apparatus to a wide area networksuch as the Internet, a mouse input device, or a scanner. Theinterconnection via system bus allows the central processor 773 tocommunicate with each subsystem and to control the execution ofinstructions from system memory 772 or the fixed disk 779, as well asthe exchange of information between subsystems. The system memory 772and/or the fixed disk 779 may embody a computer readable medium.

The above description is illustrative but not restrictive. Manyvariations of the invention will become apparent to those skilled in theart upon review of the disclosure. The scope of the invention should,therefore, be determined not with reference to the above description,but instead should be determined with reference to the pending claimsalong with their full scope or equivalents.

A recitation of “a”, “an” or “the” is intended to mean “one or more”unless specifically indicated to the contrary.

1. A method of conducting a transaction comprising: receiving a PIN orpassword to unlock a portable wireless device; receiving a selection ofan account from a plurality of accounts displayed on the portablewireless device; in response to receiving the selection of the account,sending a request for and receiving a pseudo account identifier thatcorresponds to a consumer's account identifier associated with theselected account at the portable wireless device, wherein the pseudoaccount identifier was previously generated by a remote server computerand was previously sent over a first network prior to receiving thepseudo account identifier, wherein the pseudo account identifier wasgenerated in response to the selection of the account by the consumerwithout additional input from the consumer and wherein generation of thepseudo account identifier by the remote server computer and retrieval ofthe pseudo account identifier by the portable wireless device aretransparent to the consumer, wherein the consumer is unaware that thepseudo account identifier was generated by the remote server computerand was received at the portable wireless device; and providing thepseudo account identifier to an access device comprising a reader,wherein the access device is at a merchant and wherein the access devicethereafter sends an authorization request message comprising the pseudoaccount identifier to a payment processing network comprising the remoteserver computer over a second network, wherein the payment processingnetwork converts the pseudo account identifier in the authorizationrequest message back to the consumer's account identifier and forwardsthe authorization request message to an issuer of the selected account,wherein the issuer thereafter sends an authorization response message,and wherein the access device thereafter receives the authorizationresponse message from the issuer via the payment processing network,wherein the authorization response message indicates if the transactionis approved or not approved; wherein the first network is acommunications network and the second network is a transactionprocessing network, wherein the pseudo account identifier is transmittedfrom an RF communications element in the portable wireless device to theaccess device, and wherein the pseudo account identifier is receivedfrom the remote server computer via a long range communications elementin the portable wireless device.
 2. The method of claim 1 wherein theauthorization response message is printed on a receipt that is generatedby the access device, and the consumer receives the authorizationresponse message by receiving the receipt.
 3. The method of claim 1wherein the authorization response message was sent to the consumer overthe first network.
 4. The method of claim 1 wherein the accountidentifier is a primary account number and wherein the pseudo accountidentifier is a pseudo account number.
 5. The method of claim 1 whereinthe access device comprises a contactless reader.
 6. The method of claim1, wherein the remote server computer initiates sending the pseudoaccount identifier to the portable wireless device.
 7. The method ofclaim 1, further comprising if the long range communications elementcannot receive the pseudo primary account identifier, providing theconsumer's account identifier to the access device instead of the pseudoaccount identifier.
 8. The method of claim 1, wherein the use of thepseudo account identifier is transparent to the merchant such that themerchant has no knowledge as to whether the pseudo account identifier orconsumer's account identifier is being used in the transaction.
 9. Amethod comprising: receiving a request for a pseudo account identifiercorresponding to a first account identifier, wherein the request isreceived over a first network, wherein the request for the pseudoaccount identifier is generated by the portable wireless device inresponse to a selection by a consumer of an account associated with thefirst account identifier without additional input from the consumer;generating, by a remote server computer, a pseudo account identifiercorresponding to the first account identifier; sending the generatedpseudo account identifier to the portable wireless device over the firstnetwork, wherein the portable wireless device is thereafter capable ofperforming one or more transactions by providing the pseudo accountidentifier to an access device, and wherein generation of the pseudoaccount identifier by the remote server computer and retrieval of thepseudo account identifier by the portable wireless device is transparentto the consumer, wherein the consumer is unaware that the pseudo accountidentifier was previously generated in response to the selection of theaccount associated with the first account identifier from a plurality ofaccounts displayed on the portable wireless device; receiving anauthorization request message comprising the pseudo account identifierover a second network; converting the pseudo account identifier in theauthorization request message to the first account identifier andforwarding the authorization request message to an issuer of theselected account, wherein the issuer thereafter sends an authorizationresponse message; receiving the authorization response message; andforwarding the authorization response message received from the issuerto the access device; wherein the first network is a communicationsnetwork and the second network is a transaction processing network,wherein the pseudo account identifier is transmitted from an RFcommunications element in the portable wireless device to the accessdevice, and wherein the pseudo account identifier is received from theremote server computer via a long range communications element in theportable wireless device.
 10. The method of claim 9 further comprisingstoring the generated pseudo account identifier and its correspondingfirst account identifier.
 11. A method comprising: receiving, by anaccess device, a pseudo primary account identifier from a portablewireless device, wherein said pseudo primary account identifiercorresponds to a primary account identifier and was generated withoutinput from a consumer and the generation and retrieval of the pseudoaccount identifier is transparent to the consumer, wherein the consumeris unaware that the pseudo account identifier was generated by a remoteserver computer and was requested by the portable wireless device,wherein the pseudo account number was previously generated in responseto a selection of an account associated with the first accountidentifier from a plurality of accounts displayed on the portablewireless device; sending, by the access device, a transactionauthorization request comprising the pseudo primary account identifierto a payment processing network, wherein the pseudo primary accountidentifier is thereafter converted to the primary account identifier,wherein the transaction authorization request is processed to approve ordeny the transaction, and wherein the transaction authorization requestwith the primary account identifier is sent to an issuer of the primaryaccount identifier; and receiving, by the access device, anauthorization response message from the issuer via the paymentprocessing network, wherein the authorization response message indicatesif the transaction is approved or not approved; wherein the transactionauthorization request is sent to the payment processing network over atransaction processing network, wherein the pseudo account identifier istransmitted from an RF communications element in the portable wirelessdevice to the access device, and wherein the pseudo account identifieris received from the remote server computer via a long rangecommunications element in the portable wireless device.
 12. The methodof claim 11 further comprising printing a receipt that indicates if thetransaction is approved or not approved.
 13. The method of claim 11wherein the pseudo account identifier is received by the access devicecomprising a contactless reader.
 14. A portable wireless device forperforming proximity transactions comprising: a long range wirelesscommunication element; a short range communication element; a processorcoupled to the long range wireless communication element and the shortrange communication element; a memory coupled to the processor, thememory comprising computer code for receiving a PIN or password from aconsumer to unlock the portable wireless device, computer code forreceiving a selection of an account from the consumer, computer code forreceiving a pseudo account identifier that corresponds to a primaryaccount identifier associated with the selected account, wherein thepseudo account identifier is generated by a remote server computer andwas sent over a first network and is received by the portable wirelessdevice using the long range communication element, wherein the pseudoaccount identifier was generated in response to the selection of theaccount by the consumer without additional input from the consumer andthe generation and retrieval of the pseudo account identifier istransparent to the consumer, wherein the consumer is unaware that thepseudo account identifier is generated by the remote server computer andwas requested by the portable wireless device, wherein the pseudoaccount number was previously generated in response to a selection of anaccount associated with the first account identifier from a plurality ofaccounts displayed on the portable wireless device, computer code forproviding the pseudo account identifier to an access device comprising areader using the short range communication element, and computer codefor storing at least one primary account identifier, wherein theportable wireless device is a phone, wherein the pseudo accountidentifier is transmitted from an RF communications element in theportable wireless device to the access device, and wherein the pseudoaccount identifier is received from the remote server computer via along range communications element in the portable wireless device. 15.The portable wireless device of claim 14 further comprising a userinterface module, wherein the user interface module allows the user toselect one of the at least one primary account identifiers.
 16. Theportable wireless device of claim 14 wherein the memory coupled to theprocessor further comprises computer code for enabling and disabling thedevice.
 17. The portable wireless device of claim 14 wherein the memorycoupled to the processor further comprises computer code for selecting aprimary account identifier to be used for a transaction.
 18. Theportable wireless device of claim 14 wherein the short rangecommunications element is an RF communications element.
 19. The methodof claim 6 wherein the pseudo account identifier expires after apredetermined number of transactions.